CVE-2018-6916

{"id": "CVE-2018-6916", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 8.5, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-03-09T15:29:00.313", "references": [{"url": "http://www.securitytracker.com/id/1040460", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:01.ipsec.asc", "tags": ["Patch", "Vendor Advisory"], "source": "secteam@freebsd.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results."}, {"lang": "es", "value": "En FreeBSD, en versiones anteriores a 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7 y 10.3-RELEASE-p28, el kernel no valida correctamente los paquetes IPsec provenientes de un host de confianza. Adem\u00e1s, existe una vulnerabilidad de uso de memoria previamente liberada en el c\u00f3digo de manipulaci\u00f3n de IPsec AH. Este problema podr\u00eda provocar un cierre inesperado del sistema u otro tipo de resultado impredecible."}], "lastModified": "2018-03-29T14:03:17.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "702C5136-33B6-4F0F-8FF7-C2BE3668DE70", "versionEndExcluding": "11.1", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10.3:p28:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "735F7235-7590-4A08-9C10-B668A5A02958"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABAFFF71-1E33-4270-8418-41A11CE1B5C9"}], "operator": "OR"}]}], "sourceIdentifier": "secteam@freebsd.org"}